package com.ruoyi.framework.security;

import org.springframework.security.authentication.AbstractAuthenticationToken;
import org.springframework.security.core.GrantedAuthority;
import java.util.Collection;

/**
 * 短信登录专用令牌，替代UsernamePasswordAuthenticationToken
 */
public class SmsAuthenticationToken extends AbstractAuthenticationToken {

    private final Object principal; // 未认证=手机号，已认证=H5LoginUser

    // 未认证构造器（提交手机号时）
    public SmsAuthenticationToken(String phone) {
        super(null);
        this.principal = phone;
        setAuthenticated(false);
    }

    // 已认证构造器（认证通过后）
    public SmsAuthenticationToken(Object loginUser, Collection<? extends GrantedAuthority> authorities) {
        super(authorities);
        this.principal = loginUser;
        super.setAuthenticated(true);
    }

    @Override
    public Object getCredentials() {
        return null; // 短信登录无密码凭证
    }

    @Override
    public Object getPrincipal() {
        return principal;
    }

    @Override
    public void setAuthenticated(boolean isAuthenticated) {
        if (isAuthenticated) {
            throw new IllegalArgumentException("禁止手动设置认证状态");
        }
        super.setAuthenticated(false);
    }
}